Security is a concern
Because business is becoming aware. Slowly, but aware. Those of us in security say "Thank Gosh"... Or the Deity of your choosing...
A data breach will cost you in more than dollars. It will cause a loss of confidence. That means even more dollars. Not good.
We seem to insist on seeing breaches as a single action- a laptop stolen, a file misplaced, an HDD sent to the wrong bin. This is where we are wrong.
Security begins at the laptop, HDD, file. It is about how we think about information and it's vulnerability. It is about how hard we are willing to push our off shore partners to understand that this is a real concern here and that they MUST manage to minimums that are not negotiable.
Jason, I could fill a book with what I know about security. Let me tell you WHY.
I lost my identity (and the content of my bank account, debit card, overdraft card, etc) at about the same time as I was diagnosed with cancer. What was the most important issue to me?
I did, or tried to do all the right things. My bank informed me that I was required to repay the debits that were run up as I could not prove conclusively that I had not run those debits. And if my accounts had been drained, that was my problem.
So suddenly, I cannot pay rent and had a major health issue.
Enter:... nothing. I had to manage.
Security is a beautiful thing. No one really cares but we like to think that they do.
I know a major retailer that hires BAs to manage their security and are quite happy to do so. I don't shop with that retailer- even though my step-son has worked there for many years,
Security SHOULD be a cornerstone. Too many think that it is negligible.
Your PII out in the world. Good thing?
